Question No: 781 – (Topic 4)

A company has purchased an application that integrates into their enterprise user directory for account authentication. Users are still prompted to type in their usernames and passwords. Which of the following types of authentication is being utilized here?

Separation of duties

Least privilege

Same sign-on

Single sign-on

Answer: C

Explanation: Same sign-on requires the users to re-enter their credentials but it allows them to use the same credentials that they use to sign on locally.

Question No: 782 – (Topic 4)

Which of the following provides dedicated hardware-based cryptographic functions to an operating system and its applications running on laptops and desktops?

TPM

HSM

CPU

FPU

Answer: A Explanation:

Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disabled in BIOS. It helps with hash key generation and stores cryptographic keys, passwords, or certificates.

Question No: 783 – (Topic 4)

Which of the following is a hardware-based security technology included in a computer?

Symmetric key

Asymmetric key

Whole disk encryption

Trusted platform module

Answer: D Explanation:

Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disabled in BIOS. It helps with hash key generation and stores cryptographic keys, passwords, or certificates.

Question No: 784 – (Topic 4)

After a security incident involving a physical asset, which of the following should be done at the beginning?

Record every person who was in possession of assets, continuing post-incident.

Create working images of data in the following order: hard drive then RAM.

Back up storage devices so work can be performed on the devices immediately.

Write a report detailing the incident and mitigation suggestions.

Answer: A Explanation:

Asset tracking is the process of maintaining oversight over inventory, and ensuring that a device is still in the possession of the assigned authorized user.

Question No: 785 – (Topic 4)

One of the most consistently reported software security vulnerabilities that leads to major exploits is:

Lack of malware detection.

Attack surface decrease.

Inadequate network hardening.

Poor input validation.

Answer: D Explanation:

D: With coding there are standards that should be observed. Of these standards, the most fundamental is input validation. Attacks such as SQL injection depend on unfiltered input being sent through a web application, which creates a software vulnerability that can be exploited. There are two primary ways to do input validation: client-side validation and server-side validation. Thus, with poor input validation you increase your risk with regard to exposure to major software exploits.

Question No: 786 – (Topic 4)

Which of the following would be MOST appropriate if an organization's requirements mandate complete control over the data and applications stored in the cloud?

Hybrid cloud

Community cloud

Private cloud

Public cloud

Answer: C Explanation:

A private cloud is a cloud service for internal use only and is located within a corporate network rather than on the Internet. It is usually owned, managed, and operated by the company, which gives the company full control over the data and applications stored in the cloud.

Question No: 787 – (Topic 4)

A security administrator has concerns regarding employees saving data on company-provided mobile devices. Which of the following would BEST address the administrator’s concerns?

Install a mobile application that tracks read and write functions on the device.

Create a company policy prohibiting the use of mobile devices for personal use.

Enable GPS functionality to track the location of the mobile devices.

Configure the devices so that removable media use is disabled.

Answer: D Explanation:

Mobile devices can be plugged into computers where they appear as an additional disk in the same way as a USB drive. This is known as removable media. This would enable users to copy company data onto the mobile devices. By disabling removable media use, the users will not be able to copy data onto the mobile devices.

Question No: 788 – (Topic 4)

Without validating user input, an application becomes vulnerable to all of the following EXCEPT:

Buffer overflow.

Command injection.

Spear phishing.

SQL injection.

Answer: C Explanation:

Input validation is a defensive technique intended to mitigate against possible user input attacks, such as buffer overflows and fuzzing. Input validation checks every user input submitted to the application before processing that input. The check could be a length, a character type, a language type, or a domain.
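The following added example (not part of the original question bank) shows the point made in the explanations for Questions 785 and 788: the same SQL lookup written once with unfiltered input concatenated into the query, once with the value bound as a parameter, and once behind server-side checks of length, character type and domain. The table, user names and e-mail domain are constructed sample data.

```python
import re
import sqlite3


def make_db():
    """Constructed sample data: an in-memory users table (not from the page)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "alice@example.com"), ("bob", "bob@example.com")],
    )
    return conn


# Character-type and length rule for a username: lowercase letter first,
# then 2..15 letters, digits or underscores. Nothing else is accepted.
USERNAME_RE = re.compile(r"[a-z][a-z0-9_]{2,15}")

# Domain allowlist (assumption for the example): only this domain is valid.
ALLOWED_DOMAINS = {"example.com"}


def validate_username(value):
    """Server-side check of type, length and character set."""
    if not isinstance(value, str):
        return False
    return USERNAME_RE.fullmatch(value) is not None


def validate_email(value, allowed_domains=ALLOWED_DOMAINS):
    """Length check, character-type check, then a domain allowlist check."""
    if not isinstance(value, str) or len(value) > 254:
        return False
    m = re.fullmatch(r"[A-Za-z0-9._%+-]+@([A-Za-z0-9.-]+)", value)
    return m is not None and m.group(1).lower() in allowed_domains


def lookup_unvalidated(conn, username):
    """Vulnerable pattern: unfiltered input becomes part of the SQL text,
    so a quote character in the input changes the meaning of the query."""
    sql = "SELECT username FROM users WHERE username = '" + username + "'"
    return [row[0] for row in conn.execute(sql)]


def lookup_bound(conn, username):
    """Parameter binding: the driver treats the value as data, never as SQL.
    Without validation it still accepts junk, but the junk matches nothing."""
    rows = conn.execute("SELECT username FROM users WHERE username = ?", (username,))
    return [row[0] for row in rows]


def lookup_hardened(conn, username):
    """Defence in depth: reject input that fails validation, then bind it."""
    if not validate_username(username):
        raise ValueError("rejected by input validation")
    return lookup_bound(conn, username)


if __name__ == "__main__":
    db = make_db()
    probe = "x' OR '1'='1"  # textbook example of unfiltered input
    print("unvalidated:", lookup_unvalidated(db, probe))  # returns every row
    print("bound:      ", lookup_bound(db, probe))        # returns []
    try:
        lookup_hardened(db, probe)
    except ValueError as exc:
        print("hardened:   ", exc)
```

Client-side checks can be added for usability, but the server-side check is the one that counts, since anything sent directly to the application bypasses the browser. Binding parameters is what actually separates data from SQL; validation narrows the input further and gives the application a place to log and reject suspicious requests.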

Question No: 789 – (Topic 4)

Which of the following encompasses application patch management?

Configuration management

Policy management

Cross-site request forgery

Fuzzing

Answer: A Explanation:

Patch management is the process of maintaining the latest source code for applications and operating systems by applying the latest vendor updates. This helps protect systems from newly discovered attacks and vulnerabilities. A part of patch management is testing the effects of vendor updates on a test system first, to ensure that the updates do not have detrimental effects on the system and its configuration, and, should the updates have no detrimental effects on the test systems, backing up the production systems before applying the updates to a production system.

Question No: 790 – (Topic 4)

Which of the following would prevent a user from installing a program on a company-owned mobile device?

White-listing

Access control lists

Geotagging

Remote wipe

Answer: A Explanation:

Application whitelisting is a form of application security which prevents any software from running on a system unless it is included on a preapproved exception list.